1 to 25 of 168 PCI DSS Jobs in the UK

Security Compliance Manager - Payments, PCI DSS, SOC2 - £100,000 A rapidly growing payments technology company that has established itself as a major player in the UK market, is seeking a Security Compliance Manager to drive their critical compliance initiatives and strengthen their security posture as they continue their expansion across multiple markets. This is a great opportunity for … an experienced Security Compliance Manager to take ownership of comprehensive compliance programs within a dynamic payments environment. You'll be the go-to expert for PCI certifications, leading compliance strategy, and building robust security control frameworks that enable business growth while maintaining customer trust. Working within the Product Security team, you'll collaborate closely with engineering and product development … to embed security compliance from the ground up. The Security Compliance Manager's responsibilities: Leading and managing all PCI compliance initiatives including PCI DSS, PCI PIN, PCI P2PE certifications, with responsibility for achieving new certifications such as PCI MPoC and PCI SSF. Serving as the primary liaison with Qualified Security Assessors (QSAs) and More ❯

a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … Profile 29s privacy policy can be found at: profile-29 .com/privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

Principal Information Security Consultant — PCI-DSS Service Line Are you a cybersecurity leader passionate about building impactful solutions from the ground up? We’re seeking a Principal Information Security Consultant to spearhead the development of a new service line focused on helping clients navigate PCI-DSS compliance challenges in today’s digital ecosystem. This established practice … UK team is focused on achieving meaningful outcomes, empowering organizations to protect valuable data, and sustain trust with stakeholders. Key Duties and Responsibilities Architect and deliver a market-leading PCI-DSS advisory service, including go-to-market strategy and solution offerings. Engage with clients to assess their payment ecosystem, map out PCI-DSS obligations, and design … tailored roadmaps for ongoing compliance and risk mitigation. Develop innovative methodologies and frameworks that simplify the complexities of PCI-DSS and enable efficient, sustainable compliance. Lead and mentor a team of consultants, shaping their technical growth and project delivery standards. Keep abreast of evolving payment security standards, regulatory developments, and emerging threats, advising both clients and internal teams More ❯

Job Specification Project Manager - PCI DSS Compliance Location: Stockport (Hybrid - 1 day/week onsite) Rate: Up to £600/day (Inside IR35) Contract Length: 3 months initially Start Date: ASAP Sector: Transport Overview We are seeking an experienced Project Manager to lead a critical PCI DSS compliance project within the transport sector. This role requires … the project, drive delivery, and coordinate across multiple teams and stakeholders to ensure successful and timely compliance. Key Responsibilities Lead and manage the end-to-end delivery of the PCI DSS compliance project. Act as the central point of contact for all PCI DSS-related activities. Coordinate with internal teams, external vendors, and Qualified Security Assessors … risk registers. Proactively identify and resolve project risks, issues, and blockers. Provide regular updates to senior stakeholders and ensure alignment with business objectives. Essential Skills & Experience Proven experience managing PCI DSS compliance projects. Strong understanding of QSA processes and AOC documentation. Excellent stakeholder engagement and communication skills. Ability to lead cross-functional teams and drive accountability. Strong organisational More ❯

AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & DevOps Integration (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Configure and maintain authentication solutions (SSO, SAML, Entra Connect). Develop and manage … CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer technologies for secure More ❯

based transaction systems, including payment card processing infrastructure, in a team that values collaboration, security, and reliability. You'll work closely with third-party service providers, ensure compliance with PCI DSS, and help build secure abstractions over APIs that interface with our clients. Responsibilities Maintain and expand our serverless card payment infrastructure built with TypeScript, Node.js, and AWS … Lambda, API Gateway, DynamoDB). Ensure continued PCI DSS compliance. Work with others to fix bugs, implement minimal new features, trace errors, and ensure security patches are applied in production and pre-production environments. Support a clean and well-documented strategy for all dependent services and infrastructure. Collaborate in daily scrum ceremonies, working closely with engineering, security, and … API development, RESTful design, and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container-based environments. Working familiarity with PCI DSS, payment systems, or other regulated environments is highly desirable. Excellent communicator with a self-starter attitude and comfort working autonomously. Demonstrable expertise and understanding of API development More ❯

cloud-based transaction systems, including payment card processing infrastructure, in a team that values collaboration, security, and reliability. Youll work closely with third-party service providers, ensure compliance with PCI DSS, and help build secure abstractions over APIs that interface with our clients. Responsibilities Maintain and expand our serverless card payment infrastructure built with TypeScript, Node.js, and AWS … Lambda, API Gateway, DynamoDB). Ensure continued PCI DSS compliance. Work with others to fix bugs, implement minimal new features, trace errors, and ensure security patches are applied in production and pre-production environments. Support a clean and well-documented strategy for all dependent services and infrastructure. Collaborate in daily scrum ceremonies, working closely with engineering, security, and … API development, RESTful design, and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container-based environments. Working familiarity with PCI DSS, payment systems, or other regulated environments is highly desirable. Excellent communicator with a self-starter attitude and comfort working autonomously. Demonstrable expertise and understanding of API development More ❯

procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g. More ❯

fostering a collaborative, inclusive culture rooted in technical excellence, accountability, and continuous improvement. Own the architecture, development, and operational health of mission-critical systems, including sensitive payment infrastructure and PCI DSS-compliant CDE components. Drive integration with a wide ecosystem of third-party providers, including EV charging networks, fuel stations, toll operators, parking aggregators, and acquirers, enabling seamless … performance, and scalability through robust observability, incident response processes, performance testing, and fault-tolerant architecture. Partner with Security, Compliance, and Infrastructure teams to meet regulatory and certification standards (e.g., PCI DSS, TISAX, ISO 27001), and embed security into development workflows. Collaborate cross-functionally with Product, Partner Operations, and Business Development to translate user and partner needs into scalable … a user-centric and data-driven mindset. Experience in designing and operating transactional systems, including session management and payment systems. Demonstrated success in delivering systems in regulated environments (e.g. PCI DSS, TISAX, ISO 27001), including compliance alignment and audit readiness. Advanced knowledge of cloud-native engineering (preferably AWS), microservice architecture, container orchestration, and scalable infrastructure. Fluent in agile More ❯

fostering a collaborative, inclusive culture rooted in technical excellence, accountability, and continuous improvement. Own the architecture, development, and operational health of mission-critical systems, including sensitive payment infrastructure and PCI DSS-compliant CDE components. Drive integration with a wide ecosystem of third-party providers , including EV charging networks, fuel stations, toll operators, parking aggregators, and acquirers, enabling seamless … performance, and scalability through robust observability, incident response processes, performance testing, and fault-tolerant architecture. Partner with Security, Compliance, and Infrastructure teams to meet regulatory and certification standards (e.g., PCI DSS, TISAX, ISO 27001), and embed security into development workflows. Collaborate cross-functionally with Product, Partner Operations, and Business Development to translate user and partner needs into scalable … a user-centric and data-driven mindset. Experience in designing and operating transactional systems, including session management and payment systems. Demonstrated success in delivering systems in regulated environments (e.g. PCI DSS, TISAX, ISO 27001), including compliance alignment and audit readiness. Advanced knowledge of cloud-native engineering (preferably AWS), microservice architecture, container orchestration, and scalable infrastructure. Fluent in agile More ❯

team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … on a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principals, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding More ❯

support developers in secure coding practices to reduce vulnerabilities proactively. Governance, Compliance & Training Ensure that application security architecture and practices comply with relevant regulatory and industry standards such as PCI-DSS, SOC 2, ISO 27001, and GDPR. Lead efforts to prepare for and support external and internal audits by providing comprehensive documentation, risk assessments, and remediation evidence. Develop … and workload identity management. Proficient in at least one programming or Scripting language such as Python, Java, JavaScript, or Go. Solid understanding of FinTech compliance requirements and standards including PCI-DSS, SOC 2, GDPR, and ISO 27001. Excellent communication and collaboration skills, capable of working with diverse teams and stakeholders. Nice to Have Industry certifications such as Certified More ❯

GDPR, ISO 27001, and Cyber Essentials, and a willingness to navigate evolving guidance such as Network and Information Systems Regulations 2018 (NIC) or Payment Card Industry Data Security Standards (PCI DSS) Strong communication and documentation skills, with the ability to collaborate effectively with cross-functional teams, including Engineering, Product, and Legal. A self-starter mindset, who is proactive … and growth. Desirable Qualifications and/or knowledge (any of the following): Certifications or practical experience as/in CISMP, CompTIA Security+, ISO 27001 Lead Implementer, CISM, CISSP, or PCI DSS QSA. Awareness of key regulations, including UK GDPR, Data Protection Act 2018, and the NIS Regulations An understanding of security risk management, governance, and policy implementation Awareness More ❯

Role Our client, a leading organisation in Berkshire, is seeking an experienced Information Security Specialist with in-depth knowledge of ISO 9001, ISO 14001, ISO 22301, ISO 27001, and PCI-DSS compliance. This role will be central to designing, implementing, and maintaining best-in-class security and compliance frameworks, ensuring that all information assets and operational processes are … safeguarded to the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. Collaborate with internal stakeholders and external auditors to achieve and maintain certifications. Deliver organisation-wide security and compliance awareness … and report on security performance, providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR More ❯

forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials/CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are audit-ready Monitoring, Reporting & Visibility: Produce internal and … working knowledge of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts More ❯

ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. … we continue to deliver for our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player More ❯

troubleshoot across Windows, Active Directory, and complex cloud setups Experience with SQL Server, SMTP, IIS, and CI/CD pipelines Knowledge of cloud security standards such as ISO27001 and PCI-DSS Experience using ticketing systems (e.g. Jira) and improving support workflows Excellent communication skills, able to explain technical concepts to non-technical stakeholders Passion for automation and an … Systems Engineer/Azure/AWS/Terraform/Ansible/Windows/Active Directory/SQL Server/CI/CD/VPN/Firewalls/ISO27001/PCI-DSS More ❯

Framework. Ensuring compliance with applicable legislation, regulatory requirements, and business obligations, as well as adherence to the most current frameworks and standards (e.g., Licence 4, ISO 27001, WLA:SCS, PCI-DSS, and DPA 2018). Coordinating and participating in internal and external security and privacy audits. This includes ensuring necessary evidence is available and that audit findings or … principles, including relevant concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability More ❯

culture of security awareness across engineering and business teams. Compliance and Standards : Ensure product security practices align with relevant security frameworks and standards (e.g., OWASP, NIST, ISO 27001, GDPR, PCI DSS). Support regulatory compliance efforts and maintain evidence to meet audit requirements. Collaboration and Communication : Function as the primary interface between security, development, and infrastructure teams, ensuring … reviews, and penetration testing. Proven ability to secure cloud-native architectures, containerization technologies, and Infrastructure as Code (IaC) environments. Familiarity with industry standards and frameworks such as OWASP, BSIMM, PCI DSS, ISO 27001, and GDPR. Security Integration experience: Demonstrated ability to seamlessly integrate secure development practices into SDLC/SSDLC workflows. Skilled in implementing technical security controls and More ❯

TCP-level integrations). Implement secure coding practices aligned with industry standards. Contribute to architecture discussions ensuring systems remain stateless where possible. Develop solutions that maintain systems out of PCI DSS scope , with an understanding of compliance requirements. Support projects involving credit card processing systems , focusing on cardholder present transaction scenarios . Work with POS systems , Engage with … development on Microsoft IIS . Practical knowledge of network programming and common web service architectures (XML, JSON). Understanding of secure software development standards and practices . Awareness of PCI DSS principles , with the focus on maintaining systems outside PCI scope. General understanding of the credit card industry , including transaction types and workflows. Desirable (Nice to Have More ❯

as part of our team. About the role As a DevOps Engineer, you will be responsible for designing, implementing, and managing AWS-based highload infrastructure while ensuring compliance with PCI DSS security standards. You will play a crucial role in automating deployments, optimizing system performance, and maintaining reliability in a high-scale environment. The role requires expertise in … redundancy. Develop and optimize CI/CD pipelines to streamline deployments and support zero-downtime releases. Monitor system performance, troubleshoot issues, and implement security best practices in compliance with PCI DSS. We're looking for you if you have 5+ years of DevOps experience, with a focus on AWS, CI/CD, and highload environments. Experience deploying and maintaining … Docker, Kubernetes, and Infrastructure as Code (IaC). Proven track record of achieving high availability for mission-critical services. Solid knowledge of monitoring, security best practices, and compliance with PCI DSS standards. Bonus Points Experience with DORA compliance for financial service providers. What's in it for You Reveal great tech solutions Join the team of experts who More ❯

makes an impact.Your role will involve: Expanding and maintaining a serverless payment processing platform built with TypeScript, Node.js, and AWS services like Lambda, API Gateway, and DynamoDB. Ensuring continued PCI DSS compliance across the full development lifecycle, including patching, error tracing, and applying secure coding practices. Designing secure, well-documented service interfaces and abstractions over external APIs used … technologies. Working knowledge of Infrastructure-as-Code tools. Strong background in RESTful API development, secure authentication mechanisms, and API integration best practices. Experience working in regulated environments such as PCI DSS, or within other compliance-heavy systems. Familiarity with frontend frameworks like React is a bonus. If you're a backend engineer who thrives in cloud-native environments More ❯

an impact. Your role will involve: Expanding and maintaining a serverless payment processing platform built with TypeScript, Node.js, and AWS services like Lambda, API Gateway, and DynamoDB. Ensuring continued PCI DSS compliance across the full development life cycle, including patching, error tracing, and applying secure coding practices. Designing secure, well-documented service interfaces and abstractions over external APIs … technologies. Working knowledge of Infrastructure-as-Code tools. Strong background in RESTful API development, secure authentication mechanisms, and API integration best practices. Experience working in regulated environments such as PCI DSS, or within other compliance-heavy systems. Familiarity with Front End frameworks like React is a bonus. If you're a Back End engineer who thrives in cloud More ❯

understanding of RESTful design and secure authentication. Demonstrated knowledge of API security and OWASP Top 10 vulnerabilities. Experience with Docker, Linux, Git, and container-based environments. Working familiarity with PCI DSS, payment systems, or other regulated environments. Requirements We are looking for candidates with the following: Strong hands-on experience with TypeScript and Node.js. Frontend familiarity is helpful … Responsibilities Key responsibilities in this role will include: Maintaining and expanding our serverless card payment infrastructure built with TypeScript, Node.js, and AWS (Lambda, API Gateway, DynamoDB). Ensuring continued PCI DSS compliance. Working with others to fix bugs and implement minimal new APIs that interface with our clients. More ❯

the services' end-users in the Retail Bank, Business Bank and SBS. Centrally manage our cost of acquiring and acquiring relationships Act as the business owner for merchant acquiring PCI-DSS requirements Manage related payout/refund/indemnity services Open Banking solutions Alongside technology, run and develop our open banking Payment Initiation Services and our internal AIS … solutions to market Support with customer price setting (where relevant) and manage service costs Requirements Essential experience Must have run scale card acquiring relationships on the merchant side, covering PCI-DSS Must have experience in PIS and AIS capabilities, across multiple use cases Must have knowledge of and experience in Direct Debit Origination services Strong payments vocation - must More ❯